"Maritime Cyber Incidents Increased at Least 68 Percent in 2021, Coast Guard Reports"
According to a new US Coast Guard Cyber Command (CGCYBER) report on maritime cybersecurity trends, the importance of cyber hygiene, detection, and response grew exponentially last year because of a 68 percent increase in reported maritime cyber incidents and USCG efforts to ensure maritime facilities are compliant with cyber regulations. Physical facility access control systems can be compromised by a cyberattack on the port environment. A cyberattack on the port environment can compromise physical facility access control systems, manipulate terminal and gate operating systems to leak sensitive supply chain data or facilitate smuggling or cargo theft, halt port operations by compromising the terminal headquarters, and more. The US CGCYBER's first Cyber Protection Team assesses threats and vulnerabilities, identifies the presence of adversaries on networks and systems, and responds to cyber incidents. The first team was fully operational in May 2021, with the second team following in November 2021. In 2021, the Maritime Cyber Readiness Branch (MCRB) of CGCYBER, which translates cybersecurity details into measurable operational risk, investigated 47 cybersecurity incidents, including several large-scale incidents affecting multiple organizations simultaneously. Despite the fact that the number of reported incidents has increased 68 percent since 2020 (28 total incidents), the MCRB believes many other incidents go undetected or unreported. Maze, Sodinokibi, and Ryuk were the three most popular Ransomware-as-a-Service (RaaS) variants targeting the maritime transportation system in 2021. There were slight increases in phishing attacks in industries within the maritime environment, such as logistics and shipping. Phishing remained the most common method by which malicious actors delivered malicious code in 2021, and both nation-state actors and cybercriminals are expected to continue using phishing emails to gain initial access to victim networks. This article continues to discuss findings and key points shared in CGCYBER's "2021 Cyber Trends and Insights in the Marine Environment" report.